Security firm F5 has disclosed seven different vulnerabilities in its product suite.
Cybersecurity company F5 has published an advisory warning of seven vulnerabilities in its product suite, four of which are classified as critical. The bugs affect all F5 BIG-IP and BIG-IQ deployments and can be abused to perform remote code execution (RCE), denial-of-service (DoS) and device takeover attacks. So severe are the bugs that the US Cyberspace and Infrastructure Agency (CISA) has also published a notice, in which it calls for businesses to “review the F5 advisory and install updated software as soon as possible.” According to the F5 advisory, fixes are now available for all seven vulnerabilities. The most severe of the F5 vulnerabilities, CVE-2021-22987, was handed a severity rating of 9.
